<?php
require_once('conn.php');
$username=$_POST['username'];
$password=$_POST['password'];
$exec_customer="select * from customer where mobileNO='".$username."'";
$exec_user="select * from user where name='".$username."'";
//$exec_admin="select * from admin where mobileNO='".$username."'";
$result_customer=mysql_query($exec_customer);
$result_user=mysql_query($exec_user);
$result_admin=mysql_query($exec_admin);
$row_customer = mysql_fetch_array($result_customer);
$row_user = mysql_fetch_array($result_user);
//$row_admin = mysql_fetch_array($result_admin);	
// var_dump($row_customer);
// var_dump($row_user);
// var_dump($row_admin);
if ($row_customer[0]!='')
{
	if ($row_customer[2] == $password)
	{
		session_start();
		$_SESSION['loginOK']=true;
		$_SESSION['username']=$username;
		$mobileNO = $username;
		$loginDate = date("Y-m-d"); ;
		$exec = "INSERT INTO loginRecord(mobileNO, loginDate, userBehave) VALUES('$mobileNO', '$loginDate', 'login')";
		mysql_query($exec);
		echo '<script language="JavaScript">window.location.href="personalInfo.php";</script>'; 			
	}
	else
	{
		echo '<script language="JavaScript">window.location.href="index.php";</script>'; 
	}		
}
else if ($row_user[0]!='')
{
	if ($row_user[2] == $password)
	{
		session_start();
		$_SESSION['loginOK']=true;
		$_SESSION['username']=$username;
		$mobileNO = $username;
		$loginDate = date("Y-m-d"); ;
		$exec = "INSERT INTO loginRecord(mobileNO, loginDate, userBehave) VALUES('$mobileNO', '$loginDate', 'login')";
		mysql_query($exec);
		echo '<script language="JavaScript">window.location.href="inputForm.php";</script>'; 			
	}
	else
	{
		echo '<script language="JavaScript">window.location.href="index.php";</script>'; 
	}		
}
// else if($row_admin[0]!='')
// {
	// // todo:管理员登录
// }
else
{
	echo '<script language="JavaScript">window.location.href="index.php";</script>'; 
}
?>